Custom Base DN's for LDAP Authentication
Mark Cairney
mark.cairney at ed.ac.uk
Tue Nov 22 14:13:46 GMT 2011
Won't it do a sub-tree search by default anyway meaning that providing your uid's are unique it should find it if you set your base DN to be the root DN of your DIT?
Cheers,
Mark
On 22 Nov 2011, at 13:42, Chad La Joie wrote:
> You can't. The base DN is the highest node in the LDAP DIT from which
> you begin searching. By definition it doesn't change, nor would you
> want it to since doing so would introduce security concerns.
>
> On Mon, Nov 21, 2011 at 23:35, K Hall <khkaufen at yahoo.com> wrote:
>>
>> If I want to adjust the base dn for searches based on each login criteria, how would I do that? For example, if I want to prefix a base dn with an ou=user02, based on how they came into the system, how could I do that?
>>
>> I'm using the ldaploginmodule and specifying the userFilter as uid={0}, but is there a way to do this for the baseDN?
>> --
>> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
>
>
>
> --
> Chad La Joie
> www.itumi.biz
> trusted identities, delivered
> --
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
>
/*********************************
Mark Cairney
ITI UNIX Section
Information Services
University of Edinburgh
Tel: 0131 650 6565
Email: mark.cairney at ed.ac.uk
*********************************/
--
The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.
More information about the users
mailing list